Again this year, Steven Van Acker (@StevenVanAcker) from OverTheWire has worked hard to create the HES Wargame and challenges. You can find the introductory letter below to start hacking !

Happy Hacking.

–[ Synopsis

Hello agent Hipnkewl,

As Head of the cybercrime-fighting unit of the best three-letter
agency in the world, I welcome you to the team.

To demonstrate your skills to the rest of team, we have prepared your
first assignment.

The russian Nasenko family has decided to become a crime family. Being
hip and trendy, they have figured out that an online presence is a must in today’s world.
They have set up a server where they are testing and developing the best and latest cybercrime
tools.
What they don’t know, is that we have already infiltrated their business and have a mole
inside their organisation.

Your job is to locate the information hidden by the mole and use it to take down the Nasenko server.
Details about the location of this server will be transmitted once the
mission is a go.

We will be able to sell you directly onsite some pass for the conference. However there is some restriction :
– prices will be be more expense than online payment
– places available will depend of the online attendees registration
– we will accept only cash

The HES conference will once again gather some of the most innovative security researchers worldwide to meet the largest possible European hacking scene. This edition will be held at the Espace Niemeyer, the historic headquarters of the French Communist Party.

Backed up with a Programming Committee* comprised of highly respected members from all corners of the hacking community, Hackito Ergo Sum 2012 expects to meet the technical quality of its previous editions.

The architectural masterpiece of Oscar Niemeyer will host Hackito Ergo Sum during 3 days ; Hackito Ergo Sum will try to put the emerging security concerns under the spotlight by finding synergies between the underground, security experts, and technical decision makers.

To accommodate the international security researchers among speakers as well as in the audience, the highly technical security talks will be given only and entirely in English. This allows us this year to welcome the attendance of Georg Wicherski (CrowdStrike, Germany), Fyodor Yarochkin (Veracode, Taiwan), Mikael Lindstrom (EUROPOL, Netherlands), Marc Van Hauser (THC, Germany), Rodrigo Branco (Qualys, Brasil), Mohamed Saher (Egypt), Daniel Mende et Enno Rey (ERNW, Germany), Cesar Cerrudo (CTO at IOactive Labs, Argentina), all highly respected members of the hacking community, and many many more busticatis from around the globe within the public.

The French security R&D will also be present, with researchers such as Ivan Fontarensky and Iean-Michel Picod (Cassidian), Philippe Langlois (P1 Security), Matthieu Suiche (MoonSols), Jonathan Brossard (Toucan System), as well as Renaud Lifchitz (British Telecom) and the Vupen R&D team.

2011 was both the most catastrophic and the most interesting in terms of information security (Wikileaks and Iraq DoD leaks, Anonymous/Lulzsec hacking the FBI, DDoS becoming a daily diversion for thousands of script kiddies, mafia groups gaining interest in Bitcoin and Tor…). Numerous companies and administrations worldwide, including the ministry of finances and the nuclear giant Areva in France, discovered their core networks had been compromised to unimaginable scales, often for years. The industrial fiasco of RSA also put millions at risk globally, especially in the most sensitive sectors of the economy. In this context : what to expect for 2012 ?

Hackito Ergo Sum will try to anticipate the short term global challenges of 2012 by taking a deep dive into the findings of security researchers around the globe. Previous editions featured entirely new talks such as hacking Scada networks (including satellites!) using X25, new kernel pool overflow exploitation techniques (Tarjei Mandt won the pwnie award 2011 at Blackhat for this amazing research he first presented at Hackito Ergo Sum 2011), reverse engineering of FPGA firmwares, dynamic forensic analysis of malware using either direct RAM access or using emulation (PandoraBochs), fuzzing of virtual machine monitors at interrupt level, hacking Telco Operators at the scale of a country using the SS7 protocol, and GSM security through femtocells for instance.

The global economy of the security industry has also significantly changed over the past few years : private military companies now buy exploits and resell them, including to governments. Intrusions of some of the world’s largest companies such as Nortel, which often lasted years and were operated from foreign countries, show that the game has changed : we are not talking about defacing webpages anymore, espionage of populations, governments and corporations using cyber-means is a reality.

Those questions will be debated in “round table” sessions among hackers, security experts, security vendors and members of public administrations.

The secret of Hackito Ergo Sum lies in its spirit : as a 100% non profit event and because it is open and welcomes anyone, we can count on hackers from all borders to help us. This open spirit will also be reflected by the associated activities and workshops organized by hackers and for hackers during the conference. Those will include the most awaited wargame from Steven Van Acker of the « overthewire » community, a cryptographic challenge from Eloi Vanderbéken, as well as lockpicking workshops.

Finaly, the grugq (Coseinc, Thailand), after organizing the best openbar parties of both HITB and Blackhat US in 2011, will install his Barcon in Paris during HES.

Hackito Ergo Sum is a technical security conference bringing new and exclusive research from all around the world. HES is 100% non profit, and is backed up by the Parisian hackerspace /tmp/lab (http://www.tmplab.org).

Hackito Ergo Sum conference will be held from April 12th to the 14th of 2012 in Paris, France.

Following last edition’s success, HES2012 will continue developing and sharing a pleasant atmosphere and rich technical content, focusing on hardcore computer & network security, insecurity, vulnerability analysis, reverse engineering, research and hacking. We will do our best to help new talents and confirmed experts present their latest research.

HES is and remains an international conference, 100% in English, aiming to gather the best security researchers, hackers, experts, operationals and decision makers in Paris.

This year, we will have one country of honor, from which and for which we expect specific submission and focus. This year, it will be Russia. The goal of such dedication of HES 2012 to Russia is to bring in focus one country and its specific challenges and skills in the matter of security. Russia is indeed one such country, with extremely skilled security researchers and a creative and impressive security industry, but also extremely active malware creators and developped underground market.